﻿using System;
using System.Web;
using System.Collections;
using System.Web.Services;
using System.Web.Services.Protocols;

using System.Data;
using System.Data.SqlClient;
using System.Globalization;

/// <summary>
/// Order 的摘要说明
/// </summary>
[WebService(Namespace = "http://skypace.51vip.biz:811/crsi")]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
public class Order : System.Web.Services.WebService {

    public Order () {

        //如果使用设计的组件，请取消注释以下行 
        //InitializeComponent(); 
    }

    //[WebMethod]
    //public DataSet Get_Order_Trip_sn(long order_no, out int ret_code, out string ret_msg)
    //{
    //    SqlCommand cmd = new SqlCommand();
    //    SqlParameter para;
    //    DataSet ds = new DataSet();

    //    cmd.Parameters.Clear();
    //    try
    //    {
    //        cmd.CommandText = "crsi_get_bk_trip_sn";
    //        para = cmd.Parameters.AddWithValue("@bk_id", order_no);
    //        //para = cmd.Parameters.AddWithValue("@pwd", password);
    //        //para = cmd.Parameters.AddWithValue("@ip_addr", HttpContext.Current.Request.UserHostAddress);
    //        TinyDAL.Exec(ref cmd, ref ds);
    //    }
    //    catch (Exception ex)
    //    {
    //        ret_msg = ex.Message;
    //        ret_code = -1;
    //    }
    //    ret_msg = "";
    //    ret_code = 0;
    //    return ds;
    //}

    [WebMethod]
    public int New(int trip_count, int adt_count, int chd_count, int inf_count,
        string contact, string mobile, string phone, string email, string address, char request_type,
        string airline_buf, string flt_buf, string fltdate_buf, string ori_airport_buf, string des_airport_buf,
        string cabin_buf, string class_buf, string fare_buf,string dbf_buf, string user, string sign, out long order_no, out string ret_msg)
    {
        SqlCommand cmd = new SqlCommand();
        SqlParameter para, paraID;
        DataSet ds = new DataSet();
        DataTable dt = new DataTable();

        string office;
        int ret_code = 0;
        ret_msg = "";
        if (user.Length > 20 || user.Length < 1 || sign.Length > 50)
        {
            ret_msg = "Found invalid parameters!";
            ret_code = -1;
            order_no = -1;
            return ret_code;
        }
        string sign_key = fltdate_buf + "|" + flt_buf + "|" + class_buf + "|" + fare_buf;
        ret_code = API_Auth.Check(user, sign_key, sign, out office);
        if (ret_code != 0)
        {
            ret_msg = "Check API authorize failed!";
            order_no = -1;
            return ret_code;
        }

        //int ret_code;
        //SqlCommand cmd = new SqlCommand();
        //SqlParameter para, paraID;
        //DataTable dt = new DataTable();
        //try
        //{
        //    cmd.CommandText = "sali_user0_get_pwd_hash";
        //    para = cmd.Parameters.AddWithValue("@uid", user);
        //    ret_code = TinyDAL.Exec(ref cmd, ref dt);
        //    ret_msg = "";
        //}
        //catch (Exception ex)
        //{
        //    ret_msg = ex.Message;
        //    ret_code = -1;
        //    order_no = -1;
        //    return ret_code;
        //}
        //if (dt.Rows.Count != 1)
        //{
        //    ret_msg = "User Not found!";
        //    ret_code = -1;
        //    order_no = -1;
        //    return ret_code;
        //}
        //string inbuf = fltdate_buf + "|" + flt_buf + "|" + class_buf + "|" + fare_buf + "|" + dt.Rows[0][0].ToString();
        //string outbuf = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(inbuf, "MD5");
        //if (outbuf != sign)
        //{
        //    ret_msg = "Illegal!";
        //    ret_code = -1;
        //    order_no = -1;
        //    return ret_code;
        //}


        cmd.Parameters.Clear();
        order_no = -1;
        try
        {
            cmd.CommandText = "sali_bk_new";
            para = cmd.Parameters.AddWithValue("@trip_count", trip_count);
            para.SqlDbType = SqlDbType.TinyInt;
            para = cmd.Parameters.AddWithValue("@adt_count", adt_count);
            para = cmd.Parameters.AddWithValue("@chd_count", chd_count);
            para = cmd.Parameters.AddWithValue("@inf_count", inf_count);
            para = cmd.Parameters.AddWithValue("@contact_man", contact);
            para = cmd.Parameters.AddWithValue("@mobile_phone", mobile);
            para = cmd.Parameters.AddWithValue("@phone", phone);
            para = cmd.Parameters.AddWithValue("@email", email);
            para = cmd.Parameters.AddWithValue("@address", address);
            para = cmd.Parameters.AddWithValue("@post_code", "");
            para = cmd.Parameters.AddWithValue("@request_type", request_type);
            para = cmd.Parameters.AddWithValue("@airline_buf", airline_buf);
            para = cmd.Parameters.AddWithValue("@flight_buf", flt_buf);
            para = cmd.Parameters.AddWithValue("@fltdate_buf", fltdate_buf);
            para = cmd.Parameters.AddWithValue("@ori_buf", ori_airport_buf);
            para = cmd.Parameters.AddWithValue("@des_buf", des_airport_buf);
            para = cmd.Parameters.AddWithValue("@cabin_buf", cabin_buf);
            para = cmd.Parameters.AddWithValue("@class_buf", class_buf);
            para = cmd.Parameters.AddWithValue("@dbf_buf", dbf_buf);
            para = cmd.Parameters.AddWithValue("@fare_buf", fare_buf);
            para = cmd.Parameters.AddWithValue("@sell_user", user);
            //para = cmd.Parameters.AddWithValue("@pwd", password);
            paraID = new SqlParameter("@bk_id", SqlDbType.BigInt);
            paraID.Direction = ParameterDirection.Output;
            cmd.Parameters.Add(paraID);
            para = cmd.Parameters.AddWithValue("@ip_addr", HttpContext.Current.Request.UserHostAddress);
            ret_code = TinyDAL.Exec(ref cmd);
            ret_msg = "";
            if (ret_code == 0)
            {
                order_no = System.Convert.ToInt64(paraID.Value);
            }
        }
        catch (Exception ex)
        {
            ret_msg = ex.Message;
            ret_code = -1;
        }
        return ret_code;
    }

    [WebMethod]
    public DataSet GetCommonInfo(long order_no,string user,string sign,out int ret_code,out string ret_msg)
    {
        SqlCommand cmd = new SqlCommand();
        SqlParameter para;
        DataSet ds = new DataSet();
        DataTable dt = new DataTable();

        string office;
        ret_code = 0;
        ret_msg = "";
        if (user.Length > 20 || user.Length < 1 || sign.Length > 50)
        {
            ret_msg = "Found invalid parameters!";
            ret_code = -1;
            return ds;
        }
        string sign_key = order_no.ToString();
        ret_code = API_Auth.Check(user, sign_key, sign, out office);
        if (ret_code != 0)
        {
            ret_msg = "Check API authorize failed!";
            return ds;
        }

        //SqlCommand cmd = new SqlCommand();
        //SqlParameter para;
        //DataSet ds = new DataSet();
        //DataTable dt = new DataTable();
        //try
        //{
        //    cmd.CommandText = "sali_user0_get_pwd_hash";
        //    para = cmd.Parameters.AddWithValue("@uid", user);
        //    ret_code = TinyDAL.Exec(ref cmd, ref dt);
        //    ret_msg = "";
        //}
        //catch (Exception ex)
        //{
        //    ret_msg = ex.Message;
        //    ret_code = -1;
        //    return ds;
        //}
        //if (dt.Rows.Count != 1)
        //{
        //    ret_msg = "User Not found!";
        //    ret_code = -1;
        //    return ds;
        //}
        //string inbuf = order_no.ToString() + "|" + dt.Rows[0][0].ToString();
        //string outbuf = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(inbuf, "MD5");
        //if (outbuf != sign)
        //{
        //    ret_msg = "Illegal!";
        //    ret_code = -1;
        //    return ds;
        //}

        cmd.Parameters.Clear();
        try
        {
            cmd.CommandText = "sali_bk_get_root_info";
            para = cmd.Parameters.AddWithValue("@bk_id", order_no);
            para = cmd.Parameters.AddWithValue("@user", user);
            //para = cmd.Parameters.AddWithValue("@pwd", password);
            //para = cmd.Parameters.AddWithValue("@ip_addr", HttpContext.Current.Request.UserHostAddress);
            ret_code = TinyDAL.Exec(ref cmd, ref ds);
            ret_msg = "";
        }
        catch (Exception ex)
        {
            ret_msg = ex.Message;
            ret_code = -1;
        }
        return ds;
    }

    [WebMethod]
    public DataSet GetEmd(long order_no,int language, string user, string sign, out int ret_code, out string ret_msg)
    {
        SqlCommand cmd = new SqlCommand();
        SqlParameter para;
        DataSet ds = new DataSet();
        DataTable dt = new DataTable();

        string office;
        ret_code = 0;
        ret_msg = "";
        if (user.Length > 20 || user.Length < 1 || sign.Length > 50)
        {
            ret_msg = "Found invalid parameters!";
            ret_code = -1;
            return ds;
        }
        string sign_key = order_no.ToString();
        ret_code = API_Auth.Check(user, sign_key, sign, out office);
        if (ret_code != 0)
        {
            ret_msg = "Check API authorize failed!";
            return ds;
        }

        //SqlCommand cmd = new SqlCommand();
        //SqlParameter para;
        //DataSet ds = new DataSet();
        //DataTable dt = new DataTable();
        //try
        //{
        //    cmd.CommandText = "sali_user0_get_pwd_hash";
        //    para = cmd.Parameters.AddWithValue("@uid", user);
        //    ret_code = TinyDAL.Exec(ref cmd, ref dt);
        //    ret_msg = "";
        //}
        //catch (Exception ex)
        //{
        //    ret_msg = ex.Message;
        //    ret_code = -1;
        //    return ds;
        //}
        //if (dt.Rows.Count != 1)
        //{
        //    ret_msg = "User Not found!";
        //    ret_code = -1;
        //    return ds;
        //}
        //string inbuf = order_no.ToString() + "|" + dt.Rows[0][0].ToString();
        //string outbuf = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(inbuf, "MD5");
        //if (outbuf != sign)
        //{
        //    ret_msg = "Illegal!";
        //    ret_code = -1;
        //    return ds;
        //}
        ////////////////////////////////////////////////////////////

        //先查缓冲数据库，如有有效记录直接返回
        //此处需要查实时准确数据，不用缓存！
        //bufKey = "emd:" + order_no.ToString();
        //bufSet = (DataSet)MyCache.GetCache(bufKey);
        //if (bufSet != null)
        //{
        //    return bufSet;
        //}

        cmd.Parameters.Clear();
        try
        {
            cmd.CommandText = "sali_bk_get_emd_info";
            para = cmd.Parameters.AddWithValue("@bk_id", order_no);
            para = cmd.Parameters.AddWithValue("@lang", language);
            para = cmd.Parameters.AddWithValue("@user", user);
            //para = cmd.Parameters.AddWithValue("@pwd", password);
            //para = cmd.Parameters.AddWithValue("@ip_addr", HttpContext.Current.Request.UserHostAddress);
            ret_code = TinyDAL.Exec(ref cmd, ref ds);
            ret_msg = "";
        }
        catch (Exception ex)
        {
            ret_msg = ex.Message;
            ret_code = -1;
        }

        //MyCache.SetCache(bufKey, ds, 0, 127);

        return ds;
    }

    [WebMethod]
    public DataSet GetEmdIDs(long order_no, int trip_sn, int language, string user, string sign, out int ret_code, out string ret_msg)
    {
        SqlCommand cmd = new SqlCommand();
        SqlParameter para;
        DataSet ds = new DataSet();
        DataTable dt = new DataTable();

        string office;
        ret_code = 0;
        ret_msg = "";
        if (user.Length > 20 || user.Length < 1 || sign.Length > 50)
        {
            ret_msg = "Found invalid parameters!";
            ret_code = -1;
            return ds;
        }
        string sign_key = order_no.ToString()+"|"+trip_sn.ToString();
        ret_code = API_Auth.Check(user, sign_key, sign, out office);
        if (ret_code != 0)
        {
            ret_msg = "Check API authorize failed!";
            return ds;
        }

                
        //SqlCommand cmd = new SqlCommand();
        //SqlParameter para;
        //DataSet ds = new DataSet();
        //DataTable dt = new DataTable();
        //try
        //{
        //    cmd.CommandText = "sali_user0_get_pwd_hash";
        //    para = cmd.Parameters.AddWithValue("@uid", user);
        //    ret_code = TinyDAL.Exec(ref cmd, ref dt);
        //    ret_msg = "";
        //}
        //catch (Exception ex)
        //{
        //    ret_msg = ex.Message;
        //    ret_code = -1;
        //    return ds;
        //}
        //if (dt.Rows.Count != 1)
        //{
        //    ret_msg = "User Not found!";
        //    ret_code = -1;
        //    return ds;
        //}
        //string inbuf = airline.ToString() + "|" + dt.Rows[0][0].ToString();
        //string outbuf = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(inbuf, "MD5");
        //if (outbuf != sign)
        //{
        //    ret_msg = "Illegal!";
        //    ret_code = -1;
        //    return ds;
        //}
        /////////////////////////////////////////////////////////

        cmd.Parameters.Clear();
        try
        {
            cmd.CommandText = "sali_bk_get_avail_emd_names_by_trip";// "crsi_get_emd_ids_by_airline";
            para = cmd.Parameters.AddWithValue("@bk_id", order_no);
            para = cmd.Parameters.AddWithValue("@trip_sn",trip_sn);
            para = cmd.Parameters.AddWithValue("@lang", language);
            para = cmd.Parameters.AddWithValue("@user", user);
            //para = cmd.Parameters.AddWithValue("@pwd", password);
            //para = cmd.Parameters.AddWithValue("@ip_addr", HttpContext.Current.Request.UserHostAddress);
            ret_code = TinyDAL.Exec(ref cmd, ref ds);
            ret_msg = "";
        }
        catch (Exception ex)
        {
            ret_msg = ex.Message;
            ret_code = -1;
        }

        return ds;
    }

    [WebMethod]
    public DataSet GetEmdFare(long order_no,int trip_sn,string emd_id,int language,string user, string sign, out int ret_code, out string ret_msg)
    {
        SqlCommand cmd = new SqlCommand();
        SqlParameter para;
        DataSet ds = new DataSet();
        DataTable dt = new DataTable();

        string office;
        ret_code = 0;
        ret_msg = "";
        if (user.Length > 20 || user.Length < 1 || emd_id.Length < 1 || emd_id.Length > 13 || sign.Length > 50)
        {
            ret_msg = "Found invalid parameters!";
            ret_code = -1;
            return ds;
        }
        string sign_key = order_no.ToString() + "|" +trip_sn.ToString()+"|"+ emd_id;
        ret_code = API_Auth.Check(user, sign_key, sign, out office);
        if (ret_code != 0)
        {
            ret_msg = "Check API authorize failed!";
            return ds;
        }

        
        //SqlCommand cmd = new SqlCommand();
        //SqlParameter para;
        //DataSet ds = new DataSet();
        //DataTable dt = new DataTable();
        //try
        //{
        //    cmd.CommandText = "sali_user0_get_pwd_hash";
        //    para = cmd.Parameters.AddWithValue("@uid", user);
        //    ret_code = TinyDAL.Exec(ref cmd, ref dt);
        //    ret_msg = "";
        //}
        //catch (Exception ex)
        //{
        //    ret_msg = ex.Message;
        //    ret_code = -1;
        //    return ds;
        //}
        //if (dt.Rows.Count != 1)
        //{
        //    ret_msg = "User Not found!";
        //    ret_code = -1;
        //    return ds;
        //}
        //string inbuf = airline + "|" + emd_id + "|" + dt.Rows[0][0].ToString();
        //string outbuf = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(inbuf, "MD5");
        //if (outbuf != sign)
        //{
        //    ret_msg = "Illegal!";
        //    ret_code = -1;
        //    return ds;
        //}
        /////////////////////////////////////////////////////

        cmd.Parameters.Clear();
        try
        {
            cmd.CommandText = "sali_bk_get_emd_detail_by_trip";//"crsi_get_emd_fare_by_id";
            para = cmd.Parameters.AddWithValue("@bk_id", order_no);
            para = cmd.Parameters.AddWithValue("@trip_sn", trip_sn);
            para = cmd.Parameters.AddWithValue("@lang", language);
            para = cmd.Parameters.AddWithValue("@emd_id", emd_id);
            para = cmd.Parameters.AddWithValue("@user", user);
            //para = cmd.Parameters.AddWithValue("@pwd", password);
            //para = cmd.Parameters.AddWithValue("@ip_addr", HttpContext.Current.Request.UserHostAddress);
            ret_code = TinyDAL.Exec(ref cmd, ref ds);
            ret_msg = "";
        }
        catch (Exception ex)
        {
            ret_msg = ex.Message;
            ret_code = -1;
        }

        return ds;
    }

    [WebMethod]
    public int EmdAddToCart(long order, short pax_sn, short trip_sn,string emd_id,Single quantity,string remark,
        string user, string sign, out string ret_msg)
    {
        SqlCommand cmd = new SqlCommand();
        SqlParameter para;
        DataSet ds = new DataSet();
        DataTable dt = new DataTable();

        string office;
        int ret_code = 0;
        ret_msg = "";
        if (user.Length > 20 || user.Length < 1 || emd_id.Length < 1 || emd_id.Length > 13 || remark.Length > 50 || sign.Length > 50)
        {
            ret_msg = "Found invalid parameters!";
            ret_code = -1;
            return ret_code;
        }
        string sign_key = order.ToString() + "|" + pax_sn.ToString() + "|" + trip_sn.ToString() + "|" + emd_id + "|" + quantity.ToString() + "|" + remark;
        ret_code = API_Auth.Check(user, sign_key, sign, out office);
        if (ret_code != 0)
        {
            ret_msg = "Check API authorize failed!";
            return ret_code;
        }


        //SqlCommand cmd = new SqlCommand();
        //SqlParameter para;
        //DataSet ds = new DataSet();
        //DataTable dt = new DataTable();
        //try
        //{
        //    cmd.CommandText = "sali_user0_get_pwd_hash";
        //    para = cmd.Parameters.AddWithValue("@uid", user);
        //    ret_code = TinyDAL.Exec(ref cmd, ref dt);
        //    ret_msg = "";
        //}
        //catch (Exception ex)
        //{
        //    ret_msg = ex.Message;
        //    ret_code = -1;
        //    return ret_code;
        //}
        //if (dt.Rows.Count != 1)
        //{
        //    ret_msg = "User Not found!";
        //    ret_code = -1;
        //    return ret_code;
        //}
        //string inbuf = order.ToString() + "|" + pax_sn.ToString() + "|" + trip_sn.ToString() + "|" + airline + "|" + emd_id + "|" + quantity.ToString() + "|" + remark + "|" + dt.Rows[0][0].ToString();
        //string outbuf = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(inbuf, "MD5");
        //if (outbuf != sign)
        //{
        //    ret_msg = "Illegal!";
        //    ret_code = -1;
        //    return ret_code;
        //}

        cmd.Parameters.Clear();
        try
        {
            cmd.CommandText = "sali_bk_add_emd";
            para = cmd.Parameters.AddWithValue("@bk_id", order);
            para = cmd.Parameters.AddWithValue("@pax_sn", pax_sn);
            para = cmd.Parameters.AddWithValue("@trip_sn", trip_sn);
            para = cmd.Parameters.AddWithValue("@emd_id", emd_id);
            para = cmd.Parameters.AddWithValue("@quantity", quantity);
            para = cmd.Parameters.AddWithValue("@remark", remark);
            para = cmd.Parameters.AddWithValue("@user", user);
            //para = cmd.Parameters.AddWithValue("@ip_addr", Request.UserHostAddress.ToString());
            ret_code = TinyDAL.Exec(ref cmd);
            ret_msg = "";
        }
        catch (Exception ex)
        {
            ret_msg = ex.Message;
            ret_code = -1;
        }
        return ret_code;
    }

    [WebMethod]
    public int EmdRemoveFromCart(long order, short pax_sn, DateTime cart_time,string user, string sign, out string ret_msg)
    {
        SqlCommand cmd = new SqlCommand();
        SqlParameter para;
        DataSet ds = new DataSet();
        DataTable dt = new DataTable();

        string office;
        int ret_code = 0;
        ret_msg = "";
        if (user.Length > 20 || user.Length < 1 || sign.Length > 50)
        {
            ret_msg = "Found invalid parameters!";
            ret_code = -1;
            return ret_code;
        }
        string sign_key = order.ToString() + "|" + pax_sn.ToString() + "|" + cart_time.ToString("yyyy-MM-dd HH:mm:ss", DateTimeFormatInfo.InvariantInfo);
        ret_code = API_Auth.Check(user, sign_key, sign, out office);
        if (ret_code != 0)
        {
            ret_msg = "Check API authorize failed!";
            return ret_code;
        }


        //SqlCommand cmd = new SqlCommand();
        //SqlParameter para;
        //DataSet ds = new DataSet();
        //DataTable dt = new DataTable();
        //try
        //{
        //    cmd.CommandText = "sali_user0_get_pwd_hash";
        //    para = cmd.Parameters.AddWithValue("@uid", user);
        //    ret_code = TinyDAL.Exec(ref cmd, ref dt);
        //    ret_msg = "";
        //}
        //catch (Exception ex)
        //{
        //    ret_msg = ex.Message;
        //    ret_code = -1;
        //    return ret_code;
        //}
        //if (dt.Rows.Count != 1)
        //{
        //    ret_msg = "User Not found!";
        //    ret_code = -1;
        //    return ret_code;
        //}
        //string inbuf = order.ToString() + "|" + pax_sn.ToString() + "|" + cart_time.ToString("yyyy-MM-dd HH:mm:ss", DateTimeFormatInfo.InvariantInfo) + "|" + dt.Rows[0][0].ToString();
        //string outbuf = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(inbuf, "MD5");
        //if (outbuf != sign)
        //{
        //    ret_msg = "Illegal!";
        //    ret_code = -1;
        //    return ret_code;
        //}

        cmd.Parameters.Clear();
        try
        {
            cmd.CommandText = "sali_bk_remove_emd";
            para = cmd.Parameters.AddWithValue("@bk_id", order);
            para = cmd.Parameters.AddWithValue("@pax_sn", pax_sn);
            para = cmd.Parameters.AddWithValue("@cart_time", cart_time);
            para = cmd.Parameters.AddWithValue("@user", user);
            //para = cmd.Parameters.AddWithValue("@ip_addr", Request.UserHostAddress.ToString());
            ret_code = TinyDAL.Exec(ref cmd);
            ret_msg = "";
        }
        catch (Exception ex)
        {
            ret_msg = ex.Message;
            ret_code = -1;
        }
        return ret_code;
    }

    [WebMethod]
    public int Submit(long order_no, string user, string sign, out string ret_msg)
    {
        SqlCommand cmd = new SqlCommand();
        SqlParameter para;
        DataSet ds = new DataSet();
        DataTable dt = new DataTable();

        string office;
        int ret_code = 0;
        ret_msg = "";
        if (user.Length > 20 || user.Length < 1 || sign.Length > 50)
        {
            ret_msg = "Found invalid parameters!";
            ret_code = -1;
            return ret_code;
        }
        string sign_key = order_no.ToString();
        ret_code = API_Auth.Check(user, sign_key, sign, out office);
        if (ret_code != 0)
        {
            ret_msg = "Check API authorize failed!";
            return ret_code;
        }

        
        //SqlCommand cmd = new SqlCommand();
        //SqlParameter para;
        
        //DataTable dt = new DataTable();
        //try
        //{
        //    cmd.CommandText = "sali_user0_get_pwd_hash";
        //    para = cmd.Parameters.AddWithValue("@uid", user);
        //    ret_code = TinyDAL.Exec(ref cmd, ref dt);
        //    ret_msg = "";
        //}
        //catch (Exception ex)
        //{
        //    ret_msg = ex.Message;
        //    ret_code = -1;
        //    return ret_code;
        //}
        //if (dt.Rows.Count != 1)
        //{
        //    ret_msg = "User Not found!";
        //    ret_code = -1;
        //    return ret_code;
        //}
        //string inbuf = order_no.ToString() + "|" + dt.Rows[0][0].ToString();
        //string outbuf = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(inbuf, "MD5");
        //if (outbuf != sign)
        //{
        //    ret_msg = "Illegal!";
        //    ret_code = -1;
        //    return ret_code;
        //}

        cmd.Parameters.Clear();
        try
        {
            cmd.CommandText = "sali_bk_submit";
            para = cmd.Parameters.AddWithValue("@bk_id", order_no);
            para = cmd.Parameters.AddWithValue("@user", user);
            //para = cmd.Parameters.AddWithValue("@pwd", password);
            para = cmd.Parameters.AddWithValue("@ip_addr", HttpContext.Current.Request.UserHostAddress);
            ret_code = TinyDAL.Exec(ref cmd);
            ret_msg = "";
        }
        catch (Exception ex)
        {
            ret_msg = ex.Message;
            ret_code = -1;
        }
        return ret_code;
    }

    [WebMethod]
    public int Cancel(long order_no, string user, string sign, out string ret_msg)
    {
        SqlCommand cmd = new SqlCommand();
        SqlParameter para;
        DataSet ds = new DataSet();
        DataTable dt = new DataTable();

        string office;
        int ret_code = 0;
        ret_msg = "";
        if (user.Length > 20 || user.Length < 1 || sign.Length > 50)
        {
            ret_msg = "Found invalid parameters!";
            ret_code = -1;
            return ret_code;
        }
        string sign_key = order_no.ToString();
        ret_code = API_Auth.Check(user, sign_key, sign, out office);
        if (ret_code != 0)
        {
            ret_msg = "Check API authorize failed!";
            return ret_code;
        }

        //SqlCommand cmd = new SqlCommand();
        //SqlParameter para;
        //int ret_code;
        //DataTable dt = new DataTable();
        //try
        //{
        //    cmd.CommandText = "sali_user0_get_pwd_hash";
        //    para = cmd.Parameters.AddWithValue("@uid", user);
        //    ret_code = TinyDAL.Exec(ref cmd, ref dt);
        //    ret_msg = "";
        //}
        //catch (Exception ex)
        //{
        //    ret_msg = ex.Message;
        //    ret_code = -1;
        //    return ret_code;
        //}
        //if (dt.Rows.Count != 1)
        //{
        //    ret_msg = "User Not found!";
        //    ret_code = -1;
        //    return ret_code;
        //}
        //string inbuf = order_no.ToString() + "|" + dt.Rows[0][0].ToString();
        //string outbuf = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(inbuf, "MD5");
        //if (outbuf != sign)
        //{
        //    ret_msg = "Illegal!";
        //    ret_code = -1;
        //    return ret_code;
        //}

        cmd.Parameters.Clear();
        try
        {
            cmd.CommandText = "sali_bk_cancel";
            para = cmd.Parameters.AddWithValue("@bk_id", order_no);
            para = cmd.Parameters.AddWithValue("@user", user);
            //para = cmd.Parameters.AddWithValue("@pwd", password);
            para = cmd.Parameters.AddWithValue("@ip_addr", HttpContext.Current.Request.UserHostAddress);
            ret_code = TinyDAL.Exec(ref cmd);
            ret_msg = "";
        }
        catch (Exception ex)
        {
            ret_msg = ex.Message;
            ret_code = -1;
        }
        return ret_code;
    }

    [WebMethod]
    public int RemovePax(long order_no, int pax_sn, string user, string sign, out string ret_msg)
    {
        SqlCommand cmd = new SqlCommand();
        SqlParameter para;
        DataSet ds = new DataSet();
        DataTable dt = new DataTable();

        string office;
        int ret_code = 0;
        ret_msg = "";
        if (user.Length > 20 || user.Length < 1 || sign.Length > 50)
        {
            ret_msg = "Found invalid parameters!";
            ret_code = -1;
            return ret_code;
        }
        string sign_key = order_no.ToString() + "|" + pax_sn.ToString();
        ret_code = API_Auth.Check(user, sign_key, sign, out office);
        if (ret_code != 0)
        {
            ret_msg = "Check API authorize failed!";
            return ret_code;
        }

        //SqlCommand cmd = new SqlCommand();
        //SqlParameter para;
        //int ret_code;
        //DataTable dt = new DataTable();
        //try
        //{
        //    cmd.CommandText = "sali_user0_get_pwd_hash";
        //    para = cmd.Parameters.AddWithValue("@uid", user);
        //    ret_code = TinyDAL.Exec(ref cmd, ref dt);
        //    ret_msg = "";
        //}
        //catch (Exception ex)
        //{
        //    ret_msg = ex.Message;
        //    ret_code = -1;
        //    return ret_code;
        //}
        //if (dt.Rows.Count != 1)
        //{
        //    ret_msg = "User Not found!";
        //    ret_code = -1;
        //    return ret_code;
        //}
        //string inbuf = order_no.ToString() + "|" +pax_sn.ToString()+"|"+ dt.Rows[0][0].ToString();
        //string outbuf = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(inbuf, "MD5");
        //if (outbuf != sign)
        //{
        //    ret_msg = "Illegal!";
        //    ret_code = -1;
        //    return ret_code;
        //}

        cmd.Parameters.Clear();
        try
        {
            cmd.CommandText = "sali_bk_delete_pax";
            para = cmd.Parameters.AddWithValue("@bk_id", order_no);
            para = cmd.Parameters.AddWithValue("@pax_sn", pax_sn);
            para = cmd.Parameters.AddWithValue("@user", user);
            //para = cmd.Parameters.AddWithValue("@pwd", password);
            para = cmd.Parameters.AddWithValue("@ip_addr", HttpContext.Current.Request.UserHostAddress);
            ret_code = TinyDAL.Exec(ref cmd);
            ret_msg = "";
        }
        catch (Exception ex)
        {
            ret_msg = ex.Message;
            ret_code = -1;
        }
        return ret_code;
    }

    [WebMethod]
    public int Pay(long order_no, string currency, float total_fare, string user, string sign, out string ret_msg)
    {
        SqlCommand cmd = new SqlCommand();
        SqlParameter para;
        DataSet ds = new DataSet();
        DataTable dt = new DataTable();

        string office;
        int ret_code = 0;
        ret_msg = "";
        if (user.Length > 20 || user.Length < 1 || sign.Length > 50)
        {
            ret_msg = "Found invalid parameters!";
            ret_code = -1;
            return ret_code;
        }
        string sign_key = order_no.ToString();
        ret_code = API_Auth.Check(user, sign_key, sign, out office);
        if (ret_code != 0)
        {
            ret_msg = "Check API authorize failed!";
            return ret_code;
        }


        //SqlCommand cmd = new SqlCommand();
        //SqlParameter para;
        //int ret_code;
        //DataTable dt = new DataTable();
        //try
        //{
        //    cmd.CommandText = "sali_user0_get_pwd_hash";
        //    para = cmd.Parameters.AddWithValue("@uid", user);
        //    ret_code = TinyDAL.Exec(ref cmd, ref dt);
        //    ret_msg = "";
        //}
        //catch (Exception ex)
        //{
        //    ret_msg = ex.Message;
        //    ret_code = -1;
        //    return ret_code;
        //}
        //if (dt.Rows.Count != 1)
        //{
        //    ret_msg = "User Not found!";
        //    ret_code = -1;
        //    return ret_code;
        //}
        //string inbuf = order_no.ToString() + "|" + dt.Rows[0][0].ToString();
        //string outbuf = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(inbuf, "MD5");
        //if (outbuf != sign)
        //{
        //    ret_msg = "Illegal!";
        //    ret_code = -1;
        //    return ret_code;
        //}

        cmd.Parameters.Clear();
        try
        {
            cmd.CommandText = "sali_bk_pay";
            para = cmd.Parameters.AddWithValue("@bk_id", order_no);
            para = cmd.Parameters.AddWithValue("@currency", currency);
            para = cmd.Parameters.AddWithValue("@total_paid", total_fare);
            para = cmd.Parameters.AddWithValue("@user", user);
            //para = cmd.Parameters.AddWithValue("@password", password);
            para = cmd.Parameters.AddWithValue("@ip_addr", HttpContext.Current.Request.UserHostAddress);
            para = cmd.Parameters.Add("@ret_msg", SqlDbType.Char,13);
            para.Direction = ParameterDirection.Output;
            ret_code = TinyDAL.Exec(ref cmd);
            //ret_msg = "";
        }
        catch (Exception ex)
        {
            ret_msg = ex.Message;
            ret_code = -1;
        }
        return ret_code;
    }

    [WebMethod]
    public DataSet GetPaxList(long order_no, string user, string sign, out int ret_code, out string ret_msg)
    {
        SqlCommand cmd = new SqlCommand();
        SqlParameter para;
        DataSet ds = new DataSet();
        DataTable dt = new DataTable();

        string office;
        ret_code = 0;
        ret_msg = "";
        if (user.Length > 20 || user.Length < 1 || sign.Length > 50)
        {
            ret_msg = "Found invalid parameters!";
            ret_code = -1;
            return ds;
        }
        string sign_key = order_no.ToString();
        ret_code = API_Auth.Check(user, sign_key, sign, out office);
        if (ret_code != 0)
        {
            ret_msg = "Check API authorize failed!";
            return ds;
        }

        
        //SqlCommand cmd = new SqlCommand();
        //SqlParameter para;
        //DataSet ds = new DataSet();
        //DataTable dt = new DataTable();
        //try
        //{
        //    cmd.CommandText = "sali_user0_get_pwd_hash";
        //    para = cmd.Parameters.AddWithValue("@uid", user);
        //    ret_code = TinyDAL.Exec(ref cmd, ref dt);
        //    ret_msg = "";
        //}
        //catch (Exception ex)
        //{
        //    ret_msg = ex.Message;
        //    ret_code = -1;
        //    return ds;
        //}
        //if (dt.Rows.Count != 1)
        //{
        //    ret_msg = "User Not found!";
        //    ret_code = -1;
        //    return ds;
        //}
        //string inbuf = order_no.ToString() + "|" + dt.Rows[0][0].ToString();
        //string outbuf = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(inbuf, "MD5");
        //if (outbuf != sign)
        //{
        //    ret_msg = "Illegal!";
        //    ret_code = -1;
        //    return ds;
        //}

        cmd.Parameters.Clear();
        try
        {
            cmd.CommandText = "sali_bk_get_pax_info";
            para = cmd.Parameters.AddWithValue("@bk_id", order_no);
            para = cmd.Parameters.AddWithValue("@user", user);
            //para = cmd.Parameters.AddWithValue("@pwd", password);
            //para = cmd.Parameters.AddWithValue("@ip_addr", HttpContext.Current.Request.UserHostAddress);
            ret_code = TinyDAL.Exec(ref cmd, ref ds);
            ret_msg = "";
        }
        catch (Exception ex)
        {
            ret_msg = ex.Message;
            ret_code = -1;
        }
        return ds;
    }

    [WebMethod]
    public int AddPax(long order_no, string ffp_airline, string ffp_no, short pax_value,string family_name_en, string name_en, string family_name, string name, bool hold_inf,bool male, char age_type,
        string inf_dob,string natiaonality,string id_type,string id_no,DateTime id_expiry,string mobile_phone,string email,
        bool vip, bool alone_chd,string move_assistant,string meal,string remark,bool invoice_needed,string post_address,string post_code, string user, string sign, out string ret_msg)
    {
        SqlCommand cmd = new SqlCommand();
        SqlParameter para;
        DataSet ds = new DataSet();
        DataTable dt = new DataTable();

        string office;
        int ret_code = 0;
        ret_msg = "";
        if (user.Length > 20 || user.Length < 1 || sign.Length > 50)
        {
            ret_msg = "Found invalid parameters!";
            ret_code = -1;
            return ret_code;
        }
        string sign_key = order_no.ToString() + "|" + id_no;
        ret_code = API_Auth.Check(user, sign_key, sign, out office);
        if (ret_code != 0)
        {
            ret_msg = "Check API authorize failed!";
            return ret_code;
        }


        //SqlCommand cmd = new SqlCommand();
        //SqlParameter para;
        //int ret_code;
        //DataTable dt = new DataTable();
        //try
        //{
        //    cmd.CommandText = "sali_user0_get_pwd_hash";
        //    para = cmd.Parameters.AddWithValue("@uid", user);
        //    ret_code = TinyDAL.Exec(ref cmd, ref dt);
        //    ret_msg = "";
        //}
        //catch (Exception ex)
        //{
        //    ret_msg = ex.Message;
        //    ret_code = -1;
        //    return ret_code;
        //}
        //if (dt.Rows.Count != 1)
        //{
        //    ret_msg = "User Not found!";
        //    ret_code = -1;
        //    return ret_code;
        //}
        //string inbuf = order_no.ToString() + "|" +id_no+"|"+ dt.Rows[0][0].ToString();
        //string outbuf = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(inbuf, "MD5");
        //if (outbuf != sign)
        //{
        //    ret_msg = "Illegal!";
        //    ret_code = -1;
        //    return ret_code;
        //}

        cmd.Parameters.Clear();
        try
        {
            cmd.CommandText = "sali_bk_add_pax";
            para = cmd.Parameters.AddWithValue("@bk_id", order_no);
            para = cmd.Parameters.AddWithValue("@ffp_airline", ffp_airline);
            para = cmd.Parameters.AddWithValue("@ffp_id", ffp_no);
            para = cmd.Parameters.AddWithValue("@pax_value", pax_value);
            para = cmd.Parameters.AddWithValue("@family_name_en", family_name_en);
            para = cmd.Parameters.AddWithValue("@name_en", name_en);
            para = cmd.Parameters.AddWithValue("@family_name", family_name);
            para = cmd.Parameters.AddWithValue("@name", name);
            para = cmd.Parameters.AddWithValue("@hold_inf",hold_inf);
            para = cmd.Parameters.AddWithValue("@male", male);
            para = cmd.Parameters.AddWithValue("@age_type", age_type);
            para = cmd.Parameters.AddWithValue("@inf_dob", inf_dob);
            para = cmd.Parameters.AddWithValue("@nationality", natiaonality);
            para = cmd.Parameters.AddWithValue("@id_type", id_type);
            para = cmd.Parameters.AddWithValue("@id_no", id_no);
            para = cmd.Parameters.AddWithValue("@id_expired_date", id_expiry);
            para = cmd.Parameters.AddWithValue("@mobile_phone", mobile_phone);
            para = cmd.Parameters.AddWithValue("@email", email);
            para = cmd.Parameters.AddWithValue("@vip", vip);
            para = cmd.Parameters.AddWithValue("@alone_chd", alone_chd);
            para = cmd.Parameters.AddWithValue("@move_assistant", move_assistant);
            para = cmd.Parameters.AddWithValue("@meal", meal);
            para = cmd.Parameters.AddWithValue("@remark", remark);
            para = cmd.Parameters.AddWithValue("@need_invoice", invoice_needed);
            para = cmd.Parameters.AddWithValue("@mail_address", post_address);
            para = cmd.Parameters.AddWithValue("@post_code", post_code);
            para = cmd.Parameters.AddWithValue("@user", user);
            //para = cmd.Parameters.AddWithValue("@password", password);
            para = cmd.Parameters.AddWithValue("@ip_addr", HttpContext.Current.Request.UserHostAddress);
            ret_code = TinyDAL.Exec(ref cmd);
            ret_msg = "";
        }
        catch (Exception ex)
        {
            ret_msg = ex.Message;
            ret_code = -1;
        }
        return ret_code;
    }

    //[WebMethod]
    //public int ChangePax(long order_no, int pax_sn,string ffp_entity, string ffp_no, string family_name, string name, Boolean male,
    //    DateTime inf_dob, string natiaonality, string id_type, string id_no, DateTime id_expiry, string mobile_phone, string email,
    //    Boolean vip, string remark, string user, string password, out string ret_msg)
    //{
    //    //为避免虚假订座，取消此功能！
    //    SqlCommand cmd = new SqlCommand();
    //    SqlParameter para;
    //    int ret_code;
    //    try
    //    {
    //        cmd.CommandText = "crsi_change_passenger";
    //        para = cmd.Parameters.AddWithValue("@bk_id", order_no);
    //        para = cmd.Parameters.AddWithValue("@pax_sn", pax_sn);
    //        para = cmd.Parameters.AddWithValue("@ffp_entity", ffp_entity);
    //        para = cmd.Parameters.AddWithValue("@ffp_id", ffp_no);
    //        para = cmd.Parameters.AddWithValue("@family_name", family_name);
    //        para = cmd.Parameters.AddWithValue("@name", name);
    //        para = cmd.Parameters.AddWithValue("@male", male);
    //        para = cmd.Parameters.AddWithValue("@inf_dob", inf_dob);
    //        para = cmd.Parameters.AddWithValue("@nationality", natiaonality);
    //        para = cmd.Parameters.AddWithValue("@id_type", id_type);
    //        para = cmd.Parameters.AddWithValue("@id_no", id_no);
    //        para = cmd.Parameters.AddWithValue("@id_expired_date", id_expiry);
    //        para = cmd.Parameters.AddWithValue("@phone", mobile_phone);
    //        para = cmd.Parameters.AddWithValue("@email", email);
    //        para = cmd.Parameters.AddWithValue("@vip", vip);
    //        para = cmd.Parameters.AddWithValue("@remark", remark);
    //        para = cmd.Parameters.AddWithValue("@user", user);
    //        para = cmd.Parameters.AddWithValue("@password", password);
    //        para = cmd.Parameters.AddWithValue("@ip_addr", HttpContext.Current.Request.UserHostAddress);
    //        ret_code = TinyDAL.Exec(ref cmd);
    //        ret_msg = "";
    //    }
    //    catch (Exception ex)
    //    {
    //        ret_msg = ex.Message;
    //        ret_code = -1;
    //    }
    //    return ret_code;
    //}

    [WebMethod]
    public DataSet GetTrip(long order_no, int lang, string user, string sign, out int ret_code, out string ret_msg)
    {
        SqlCommand cmd = new SqlCommand();
        SqlParameter para;
        DataSet ds = new DataSet();
        DataTable dt = new DataTable();

        string office;
        ret_code = 0;
        ret_msg = "";
        if (user.Length > 20 || user.Length < 1 || sign.Length > 50)
        {
            ret_msg = "Found invalid parameters!";
            ret_code = -1;
            return ds;
        }
        string sign_key = order_no.ToString();
        ret_code = API_Auth.Check(user, sign_key, sign, out office);
        if (ret_code != 0)
        {
            ret_msg = "Check API authorize failed!";
            return ds;
        }


        //SqlCommand cmd = new SqlCommand();
        //SqlParameter para;
        //DataSet ds = new DataSet();
        //DataTable dt = new DataTable();
        //try
        //{
        //    cmd.CommandText = "sali_user0_get_pwd_hash";
        //    para = cmd.Parameters.AddWithValue("@uid", user);
        //    ret_code = TinyDAL.Exec(ref cmd, ref dt);
        //    ret_msg = "";
        //}
        //catch (Exception ex)
        //{
        //    ret_msg = ex.Message;
        //    ret_code = -1;
        //    return ds;
        //}
        //if (dt.Rows.Count != 1)
        //{
        //    ret_msg = "User Not found!";
        //    ret_code = -1;
        //    return ds;
        //}
        //string inbuf = order_no.ToString() + "|" + dt.Rows[0][0].ToString();
        //string outbuf = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(inbuf, "MD5");
        //if (outbuf != sign)
        //{
        //    ret_msg = "Illegal!";
        //    ret_code = -1;
        //    return ds;
        //}

        cmd.Parameters.Clear();
        try
        {
            cmd.CommandText = "sali_bk_get_trip_info";
            para = cmd.Parameters.AddWithValue("@bk_id", order_no);
            //para = cmd.Parameters.AddWithValue("@lang", lang);
            para = cmd.Parameters.AddWithValue("@user", user);
            //para = cmd.Parameters.AddWithValue("@pwd", password);
            //para = cmd.Parameters.AddWithValue("@ip_addr", HttpContext.Current.Request.UserHostAddress);
            ret_code = TinyDAL.Exec(ref cmd, ref ds);
            ret_msg = "";
        }
        catch (Exception ex)
        {
            ret_msg = ex.Message;
            ret_code = -1;
        }
        return ds;
    }

    [WebMethod]
    public int CalOrderFare(long order_no, string target_currency, string user, string sign, out float total_fare, out string ret_msg)
    {
        SqlCommand cmd = new SqlCommand();
        SqlParameter para;
        DataSet ds = new DataSet();
        DataTable dt = new DataTable();

        string office;
        int ret_code = 0;
        ret_msg = "";
        if (user.Length > 20 || user.Length < 1 || sign.Length > 50)
        {
            ret_msg = "Found invalid parameters!";
            ret_code = -1;
            total_fare = 0.0f;
            return ret_code;
        }
        string sign_key = order_no.ToString();
        ret_code = API_Auth.Check(user, sign_key, sign, out office);
        if (ret_code != 0)
        {
            ret_msg = "Check API authorize failed!";
            total_fare = 0.0f;
            return ret_code;
        }

        //int ret_code;
        //SqlCommand cmd = new SqlCommand();
        //SqlParameter para;
        //DataTable dt = new DataTable();
        //try
        //{
        //    cmd.CommandText = "sali_user0_get_pwd_hash";
        //    para = cmd.Parameters.AddWithValue("@uid", user);
        //    ret_code = TinyDAL.Exec(ref cmd, ref dt);
        //    ret_msg = "";
        //}
        //catch (Exception ex)
        //{
        //    ret_msg = ex.Message;
        //    ret_code = -1;
        //    total_fare = 0.0f;
        //    return ret_code;
        //}
        //if (dt.Rows.Count != 1)
        //{
        //    ret_msg = "User Not found!";
        //    ret_code = -1;
        //    total_fare = 0.0f;
        //    return ret_code;
        //}
        //string inbuf = order_no.ToString() + "|" + dt.Rows[0][0].ToString();
        //string outbuf = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(inbuf, "MD5");
        //if (outbuf != sign)
        //{
        //    ret_msg = "Illegal!";
        //    ret_code = -1;
        //    total_fare = 0.0f;
        //    return ret_code;
        //}

        cmd.Parameters.Clear();
        try
        {
            cmd.CommandText = "sali_bk_calculate_total_price";
            para = cmd.Parameters.AddWithValue("@bk_id", order_no);
            //para = cmd.Parameters.AddWithValue("@airline", Session["ENTITY"].ToString());//应该是销售单位的兑换表，而非当前用户单位的。不过支付对象应该是销售单位自身！
            para = cmd.Parameters.AddWithValue("@target_currency", target_currency);
            para = cmd.Parameters.AddWithValue("@user", user);
            //para = cmd.Parameters.AddWithValue("@pwd", password);
            para = cmd.Parameters.Add("@total_fare", SqlDbType.Money);
            para.Direction = ParameterDirection.Output;
            ret_code = TinyDAL.Exec(ref cmd);
            ret_msg = "";
            if (ret_code == 0)
            {
                total_fare = Convert.ToSingle(para.Value);
            }
            else
            {
                total_fare = 0.0f;
            }
        }
        catch (Exception ex)
        {
            total_fare = 0.0f;
            ret_msg = ex.Message;
            ret_code = -1;
        }
        return ret_code;
    }
}

